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DETAILED ACTION 
Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-2, 5-8, 16-19, 20-21, 24-26, 34-37 are rejected under 35 U S C. 103(a) 
as being unpatentable over Spelman. 

In reference to claims I and 20, Spelman discloses a method of exchanging 
encrypted information with a merchant without having the merchant's key (column 1 
lines 4-29). The method comprises a communication module for establishing a 
communication connection between a sender and a receiver (Fig, 1); a mapping module 
coupled to the communication module for mapping working data of the sender to 
working data of the receiver (Fig. 1 part 30); the working data having an identifier 
portion (Fig. 2D merchant name) and a research data portion (Fig. 2D GSO). The 
mapping module maps between the identifier portion of the working data in the one 
domain to the identifier portion of the working data in the different domain. The 
recryptor uses the merchant name to fine the public key of the merchant, M, to re-encrypt 
the blob 1 (Fig. 3). 

Although Spelman does not expressly disclose the receiver and the sender being 
in different domains, Spelman does disclose that the sender being a customer and the 
merchant acquirer being an organization such as a bank (column 4 lines 19-35). 
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At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art for the customer, the merchant, and the merchant acquire being in 
the different domains. One of ordinary skill in the art would have been motivated to do 
this because the advent of the Internet enabled customers to purchase, securely, services 
and products remotely over the Internet. 

In reference to claims 2 and 21, a system is disclosed wherein the research data 
portion of the working data includes personal data of individuals (column 5 lines 63-65). 

In reference to claims 5 and 24, a system further comprises a secret sharing 
module for controlling access to the apparatus (Fig. 1 part 30). 

In reference to claim 6, a system is disclosed wherein the secret sharing module 
controls access to the mapping module (column 6 lines 14-59). 

In reference to claims 7 and 25, Spelman does not expressly disclose permanent 
storage means for storing data in a tamper-proof manner. 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to store data in a permanent storage means for storing data in a 
tamper-proof manner. One of ordinary skill in the art would have been motivated to do 
this because it would discourage fraudulent activities. 

In reference to claims 8 and 26, wherein the permanent storage means encrypts 
non-queried parts of the data, said encryption using an encryption key, and the secret 
sharing module storing the encryption key (Fig. 2D). 

In reference to claims 16 and 34, wherein the sender and receiver are respectively 
one of a software implementation and a human being. Spelman states that each block in 
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Fig. 1 represents varying computing devices; therefore it can include software and a 
human being (column 4 lines 43-58). 

In reference to claims 17 and 55, wherein collection of the sender and receiver is 
in respective different sessions. Spelman discloses a system wherein the customer sends 
information to the merchant and then the merchant sends the information to the recryptor 
(Fig. 1). This suggests different sessions. 

In reference to claims 18 and 36, wherein the communication module further 
enables communication connection by a supervisor in addition to the sender and receiver. 
The system of Spelman discloses a merchant acquirer (Fig. 1). This suggests a third 
party involved in the communications. 

In reference to claims 19 and 3 7 wherein the communication connection by the 
supervisor enables remote operation of the apparatus by the supervisor (Fig. 1). The 
merchant acquirer is separate from the merchant and the consumer; and therefore remote. 

Claims 3-4, 9-12, 22-23, 27-30 are rejected under 35 U.S.C, 103(a) as being 
unpatentable over Spelman as applied to claims 1 and 20 above, and further in view of 
Schneier. 

In reference to claims 3 and 22, Spelman discloses encrypting working data 
transmitted over the channel (Fig. 1), However Spelman does not disclose authenticating 
the sender and receiver, resulting in an authorized sender and authorized receiver. 

Schneier discloses a method of mutual authentication using the SKID, so that the 
sender and receiver know that they are talking to each other (page 54-57). 
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At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use mutual authentication as in Schneier in the system of 
Spelman. One of ordinary skill in the art would have been motivated to do this because 
the sender and receiver would be assured that they are talking to each other. 

In reference to claim 4 and 23, a system is disclosed wherein the mapping module 
employs encryption in the mapping of working data in the domain to working data in the 
different domain such that the working data transmitted to the authorized receiver is 
anonymous data (column 6 hnes 14-59). 

In reference to claims 9 and 27, Spelman does not expressly disclose a system 
wherein the permanent storage means employs digital signatures on queried parts of the 
data to detect changes in data and thereby prevent tampering. 

Schneier discloses a system of blind signatures where the document is signed and 
the person does not know what they are signing (pages 112-114). Digital signatures are 
used to detect changes in the data. 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use blind signatures as in Schneier in the system of Spelman. 
One of ordinary skill in the art would have been motivated to do this because the person 
that signed the document can verify that they signed it, but will not know the contents of 
the document. 

In reference to claims 10 and 28, Spelman discloses the concatenation of the 
encryption key and data (column 5 lines 42-54), however Spelman does not disclose 
digital signature is formed from a message digest. 
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Schneier discloses generating a message digest using a one-way hash and then 
signing the message digest (pages 38-39). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to sign a message digest as in Schneier in the system of Spelman. 
One of ordinary skill in the art would have been motivated to do this because it is a 
increases the speed of signing documents. 

In reference to claims 11 and 29, Spelman does not disclose a system wherein the 
permanent storage means maintains a summary measure of stored data 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to maintain a summary measure of stored data in the system of 
Spelman. One of ordinary skill in the art would have been motivated to do this because it 
enable the reconstruction of data in the case of corruption of the original. 

In reference to claims 12 and 30, Spelman does not disclose a system wherein 
said summary measure has a respective digital signature. 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to maintain a summary measure of stored data that has a digital 
signature in the system of Spelman, One of ordinary skill in the art would have been 
motivated to do this because it would enable the detection of changes to the summary 
measure. 
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Claims 13-15, 31-33, and 38 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Spelman as applied to clainos 1 and 20 above, and further in view of 
Ansell etal (6,151,631). 

In reference to claims 13 and 31, Spelman does not expressly disclose storing a 
mapping table having cross-references between identifier portions of working data of the 
two domains 

However Ansell discloses storing a mapping table (fig. 13 part 1306), the 
mapping table having cross-references between identifier portions of data of different 
domains (fig. 13 parts 1302 and 1304) 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to maintain mapping tables as in Ansell in the system of Spelman. 
One of ordinary skill in the art would have been motivated to do this because a mapping 
table organizes the information in a convenient manner. 

In reference to claims 14, 32, and 38, Spelman does not disclose a system 
wherein the mapping module stores a mapping table for plural domains, the mapping 
table being formed of (i) an index section and (ii) a working reference section, the index 
section indicating identifier portion of working data in a first subject domain and the 
working reference section indicating corresponding identifier portion in a second domain, 
the working reference being encrypted, such that the mapping module performs 
decryption on a part of the mapping table to determine usable cross reference of the 
working data. 

However Ansell discloses a system wherein the mapping module stores a 
mapping table for plural domains (Fig. 13 part 1306), the mapping table being formed of 
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(i) an index section and (ii) a working reference section, the index section indicating 
identifier portion of working data in a first subject domain and the working reference 
section indicating corresponding identifier portion in a second domain, the working 
reference being encrypted, such that the mapping module performs decryption on a part 
of the mapping table to determine usable cross reference of the working data (Fig. 3). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to maintain mapping tables as in Ansell in the system of Spelman. 
One of ordinary skill in the art would have been motivated to do this because a mapping 
table organizes the information in a convenient manner. 

In reference to claims 15 and 33, Spelman does not disclose a system wherein the 
mapping module maps working data among plural domains. 

Ansell disclose a system wherein the mapping module maps working data among 
plural domains (Fig. 13 part 1306). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to maintain mapping tables as in Ansell in the system of Spelman. 
One of ordinary skill in the art would have been motivated to do this because a mapping 
table organizes the information in a convenient manner. 

Claim 39 is rejected under 35 U.S.C. 103(a) as being unpatentable over Spelman 
as apphed to claim 1 above, and further in view of Coss et al (EP 0 909 074 Al). 

Spelman discloses a system with a secure container (part 30 in Fig. 1); a computer 
system executing the communication module and the mapping module (part 30 in Fig. 1). 
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However Spelman does not disclose a firewall coupled to the computer system, 
the firewall being housed by the secured container so as to provide tamper-proof 
hardware. 

Coss discloses a system with a firewall with the capability for supporting multiple 
domains (Page 4 paragraph 0025). Firewalls include tamper-proof hardware by 
definition. 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to include a firewall capable of supporting multiple domains as in 
Coss in the system of Spelman. One of ordinary skill in the art would have been 
motivated to do this because firewalls prevent unauthorized access in computer networks. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W Klimach whose telephone number is (703) 305- 
8421 . The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (703) 305-4393. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 

The 2100 Tech center will move to Carlyle in October 2004. The new telephone 
number for the receptionist is (571) 272-2100. The examiner's new telephone number 
will be (571) 272-3854. 
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